Alain, once a framework gets so big, it really doesn't matter if development on it stopped tomorrow, because someone else would just pick up the torch and run with it. That is the beauty of open source. If a lot of people depend on the library or framework to do their job (such as the cases of Socket.io, three.js, jQuery and many others), then there will be devs that will maintain it even if all the original dev team were to disappear. Even if they took a big turn in the development, that will generally just fork off a "classic" version that another group will keep maintaining.

To me, the pros far outweigh the cons when it comes to using libraries and frameworks. It is already hard for hobbyist devs to finish projects, and if you are starting from a very low-level, you have probably just shrunk the chances of finishing the project down to nothing. I say use everything you can to make your job easier. That is how computer software has evolved as far as it has.

Multiple PHP libraries which died (nobody went further with them). Linux distro which disapeared, and much more. Don't think it's always better with commercial things: Silverlight from MS is a good (bad) example => all basically died. Java was another nightmare: I started LONG time ago, even before 1.2 (Called Java 2), and for each release those stupid people at SUN was able to deprecate some func or class while forcing you to other ways, for the next release to come back to the previous (vector was at some point deprecated only to be added back later on). The compile once and run everywhere never worked for me, nor even between releases.

That's why I'm more than careful to pick any tech / lib now. Either it's because I don't have choice, or there is multiple vendor support. Otherwise I try to avoid to jump on some band wagon.

In case of Three.JS I took it because I didn't wanted at first to go to pure Web GL and Babylon.JS doesn't seems to work all that well nor seems to offer what I need. So only real choice was Three.JS but as expected it already costs me as I can't easily upgrade to the new version as API changed and would force me to edit my own code to be able to upgrade... no way I would do that every X weeks.

Oh, I was definitely not saying commercial stuff is better. It is usually much, much worse for the reasons you mentioned. Using Microsoft development platforms? Well, they basically dictate when you stop using something for public-facing apps because they can simply remove support for it in a new versions of Windows or IE. Like you said, Silverlight was stomped into the mud and was one of the fastest disappearing platforms I have ever seen. XNA was also a dead-end after the Xbox One and Windows Phone 8 were released if you don't count Monogame.

And yes, oftentimes smaller libraries will go away. That is why I mentioned bigger libraries and frameworks like Socket.io, three.js, jQuery, etc. These have all gotten so big you really couldn't kill them if you tried. Far too many people depend on them and a new open source community will reform around them even if the original dev throws in the towel.

Granted, I usually do make the decision if a particular framework or library can fit my needs completely today. I won't use a pre-1.0 piece of software to begin on a large project if some features I need are "coming soon". Because if it fits all my needs today, and I have the source code, what does it really matter to me if development stops on it next week? I can plug up security issues myself if I need to, and they are the same ones I would be plugging up if I wrote the solution from scratch, plus about 10x more code on top of that.

I guess I still don't see the downside. Even if development stopped tomorrow, I would still have a massive head start over making it all myself.

It's much harder to debug a code you didn't wrote and don't even know that writing your own. At least for me. So finding bugs (security or other) inside someone else code, I would prefer many times write all myself. Also, many times, using pre-made code forces you to do things like the frameworks intend to work, and not like you would want it.

For me that stuff is not much of an issue, provided the code is engineered well (and if it a popular open source project, it better be engineered well). Of course it will take a bit longer to learn the structure of the code, but it should not nearly take as long as coding and debugging it from scratch.

I know in my heart that I better drop the crutches and go stock WEBGL before I get too deep. I also need to drop a couple of modules in node, and go as vanilla with node as I can. Express itself is a huge crutch that I feel is going to make things harder in the long run. This makes my head hurt; I should just drink beer and watch nascar...

Noooo! Use Express all day, every day! It is the absolute industry standard, and if you are re-writing a web framework from scratch using Connect or, even worse, from vanilla node, you are doing it wrong! This isn't PHP where you can just start web development in vanilla node. You will have to write up a whole HTTP sockets system, create a sessions solution from scratch, and so much more low-level stuff that is already done for you in PHP. PHP comes stock with a standard web development framework; node does not.